Hacking Hacking Workshop #2 is on 21st May

[Darren McDonald]

While the masses demanded the 15th May, this isnt a democracy. Due to
the Ardino workshop on the same day who will also be after the quiet
room, I've decided upon the 21st of May, 1300 - ~1700.

Details of workshop #2 :

We will be covering
CSRF
Blind SQL Injection
How to turn SQL injection into owning the box outright
If anyone has anything else they'd like to look at, say so

You will need the following equipment and software
A portable computer which can access the space's wireless network
Firefox
The Sun/Oracle Java Runtime Environment (JRE)
Burp Suite ( pro or demo version from http://portswigger.net/ )
Netcat (easy to use) or socat (a bit of a pain, but awesomely powerful)
All of these tools will run on Mac/Windows/Linux/BSD, take your pick

The following skills
A basic understanding of Stored and Reflected XSS
A basic understanding of SQL Injection
A little practice of using Burp Suite
A vague understanding of HTTP

If you do not have these skills, a quick rerun of workshop #1 will be
running form 1030-1230

For this you will just need:
Firefox
The Sun/Oracle Java Runtime Environment (JRE)
A portable computer which can access the space's wireless network
General computer literacy and half a brain
TO BE ON TIME! *

* Last time some people arrived late and after a point I just didnt
have time help them get setup and to troubleshoot their laptops.

If anyone attempts to pay me this time around, I'll be taking your
cash and putting it towards some good whiskey. Instead id recommend
donating it to the space or becoming a member

Best,

Renski

[Darren Hubbard]

Hey Darren,

I'll definitely be there (for both sessions), no last minute surprises for me this time!

Cheers,

Darren

--
**********

darren....@gmail.com

[Prestwick]

Excellent! Can't wait for this to start! :)

> darren.hubb...@gmail.com

[Tim Storey]

I'd like to come to both sessions. It sounds great. Do I need to do more than say yes on the list ?

t

On 22 April 2011 19:51, Darren McDonald <dar...@dmcdonald.net> wrote:

[Darren McDonald]

Nope, im keeping rough track of numbers

[asc]

> room, I've decided upon the 21st of May, 1300 - ~1700.

Hello Darren,

Count me in for both sessions please!

-asc

[Alex Muller]

On Apr 22, 7:51 pm, Darren McDonald <dar...@dmcdonald.net> wrote:
> room, I've decided upon the 21st of May, 1300 - ~1700.

I'll definitely be along for #2.

[Prestwick]

Darren said:

"If anyone attempts to pay me this time around, I'll be taking your

cash and putting it towards some good whiskey.."

But don't we give the teacher a good bottle of single malt at the END
of the semester? :o

[booyaa]

Hi!

New guy here, do I need to be a member to attend? I'm new to hackspace thing, I'll be going to one of the open night events on Tuesday to get a feel for the place.

Cheers!

booyaa

[Darren McDonald]

nope, the workshop is open to everyone.

[Kussic]

Yup, most definitely I'll make it for this one...

Sounds fairly interesting, and could do with a refresher :)

[Darren McDonald]

What do you mean you need a refresher? You should be doing this every other day!

Renski

[Darren McDonald]

Quick Reminder, the hacking hacking workshop is this Saturday.

[Adrian Godwin]

I thought hacking hacking was what we did all the time. Shouldn't it
be the the-other-sort-of-hacking workshop ?

-adrian

[booyaa]

is the refresher workshop #1 still on at 10:30am?

[Darren McDonald]

Yeah, it is.

[Darren McDonald]

No, that's hacking. This is hacking^2.

[booyaa]

re: burpsuite - looks like they only do free or pro, can't find the demo version. will the free version suffice? or can i use one of the following alternatives (according to alternativeto.net): nikto, tamper data or websecurity?

[Darren McDonald]

sorry, I mean the free version. If you're familiar with another web
security proxy, that'll be fine.

[booyaa]

heads up guys, unless a miracle occurs, i'm going to miss refresher workshop. if i do make it to 2nd part, and become hopeless lost, i'll tactfully disappear to the main area and surf.